OceanBase logo

OceanBase

A unified distributed database ready for your transactional, analytical, and AI workloads.

DEPLOY YOUR WAY

OceanBase Cloud

The best way to deploy and scale OceanBase

OceanBase Enterprise

Run and manage OceanBase on your infra

TRY OPEN SOURCE

OceanBase Community Edition

The free, open-source distributed database

OceanBase seekdb

Open source AI native search database

Customer Stories

Real-world success stories from enterprises across diverse industries.

View All
BY USE CASES

Mission-Critical Transactions

Global & Multicloud Application

Elastic Scaling for Peak Traffic

Real-time Analytics

Active Geo-redundancy

Database Consolidation

Resources

Comprehensive knowledge hub for OceanBase.

Blog

Live Demos

Training & Certification

Documentation

Official technical guides, tutorials, API references, and manuals for all OceanBase products.

View All
PRODUCTS

OceanBase Cloud

OceanBase Database

Tools

Connectors and Middleware

QUICK START

OceanBase Cloud

OceanBase Database

BEST PRACTICES

Practical guides for utilizing OceanBase more effectively and conveniently

Company

Learn more about OceanBase – our company, partnerships, and trust and security initiatives.

About OceanBase

Partner

Trust Center

Contact Us

International - English
中国站 - 简体中文
日本 - 日本語
Sign In
Start on Cloud

A unified distributed database ready for your transactional, analytical, and AI workloads.

DEPLOY YOUR WAY

OceanBase Cloud

The best way to deploy and scale OceanBase

OceanBase Enterprise

Run and manage OceanBase on your infra

TRY OPEN SOURCE

OceanBase Community Edition

The free, open-source distributed database

OceanBase seekdb

Open source AI native search database

Customer Stories

Real-world success stories from enterprises across diverse industries.

View All
BY USE CASES

Mission-Critical Transactions

Global & Multicloud Application

Elastic Scaling for Peak Traffic

Real-time Analytics

Active Geo-redundancy

Database Consolidation

Comprehensive knowledge hub for OceanBase.

Blog

Live Demos

Training & Certification

Documentation

Official technical guides, tutorials, API references, and manuals for all OceanBase products.

View All
PRODUCTS
OceanBase CloudOceanBase Database
ToolsConnectors and Middleware
QUICK START
OceanBase CloudOceanBase Database
BEST PRACTICES

Practical guides for utilizing OceanBase more effectively and conveniently

Learn more about OceanBase – our company, partnerships, and trust and security initiatives.

About OceanBase

Partner

Trust Center

Contact Us

Start on Cloud
编组
All Products
    • Databases
    • iconOceanBase Database
    • iconOceanBase Cloud
    • iconOceanBase Tugraph
    • iconInteractive Tutorials
    • iconOceanBase Best Practices
    • Tools
    • iconOceanBase Cloud Platform
    • iconOceanBase Migration Service
    • iconOceanBase Developer Center
    • iconOceanBase Migration Assessment
    • iconOceanBase Admin Tool
    • iconOceanBase Loader and Dumper
    • iconOceanBase Deployer
    • iconKubernetes operator for OceanBase
    • iconOceanBase Diagnostic Tool
    • iconOceanBase Binlog Service
    • Connectors and Middleware
    • iconOceanBase Database Proxy
    • iconEmbedded SQL in C for OceanBase
    • iconOceanBase Call Interface
    • iconOceanBase Connector/C
    • iconOceanBase Connector/J
    • iconOceanBase Connector/ODBC
    • iconOceanBase Connector/NET
icon

OceanBase Migration Service

V4.2.3Community Edition

  • OMS Documentation
  • OMS Community Edition Introduction
    • What is OMS Community Edition?
    • Terms
    • OMS Community Edition HA
    • Architecture
      • Overview
      • Hierarchical functional system
      • Basic components
    • Limitations
  • Quick Start
    • Data migration process
    • Data synchronization process
  • Deploy OMS Community Edition
    • Deployment modes
    • System and network requirements
    • Memory and disk requirements
    • Prepare the environment
    • Deploy OMS Community Edition on a single node
    • Deploy OMS Community Edition on multiple nodes in a single region
    • Deploy OMS Community Edition on multiple nodes in multiple regions
    • Integrate the OIDC protocol into OMS Community Edition to implement SSO
    • Scale out OMS Community Edition
    • Check the deployment
    • Deploy a time-series database (Optional)
  • OMS Community Edition console
    • Log on to the console of OMS Community Edition
    • Overview
    • User center
      • Configure user information
      • Change your logon password
      • Log off
  • Data migration
    • Overview
    • Migrate data from a MySQL database to OceanBase Database Community Edition
    • Migrate data from OceanBase Database Community Edition to a MySQL database
    • Migrate data from HBase to OBKV
    • Migrate data between instances of OceanBase Database Community Edition
    • Migrate data in active-active disaster recovery scenarios
    • Migrate data from a TiDB database to OceanBase Database Community Edition
    • Migrate data from a PostgreSQL database to OceanBase Database Community Edition
    • Manage data migration projects
      • View the details of a data migration project
      • Change the name of a data migration project
      • View and modify migration objects
      • Manage computing platforms
      • Use tags to manage data migration projects
      • Perform batch operations on data migration projects
      • Download and import settings of migration objects
      • Start and pause a data migration project
      • Release and delete a data migration project
    • Features
      • DML filtering
      • DDL synchronization
      • Configure matching rules for migration objects
      • Wildcard rules
      • Rename a database table
      • Use SQL conditions to filter data
      • Create and update a heartbeat table
      • Schema migration mechanisms
      • Schema migration operations
      • Set an incremental synchronization timestamp
    • Supported DDL operations in incremental migration and limits
      • DDL synchronization from MySQL database to OceanBase Community Edition
        • Overview of DDL synchronization from a MySQL database to a MySQL tenant of OceanBase Database
        • CREATE TABLE
          • Create a table
          • Create a column
          • Create an index or a constraint
          • Create partitions
        • Data type conversion
        • ALTER TABLE
          • Modify a table
          • Operations on columns
          • Operations on constraints and indexes
          • Operations on partitions
        • TRUNCATE TABLE
        • RENAME TABLE
        • DROP TABLE
        • CREATE INDEX
        • DROP INDEX
        • DDL incompatibilities between MySQL database and OceanBase Community Edition
          • Overview
          • Incompatibilities of the CREATE TABLE statement
            • Incompatibilities of CREATE TABLE
            • Column types that are supported to create indexes or constraints
          • Incompatibilities of the ALTER TABLE statement
            • Incompatibilities of ALTER TABLE
            • Change the type of a constrained column
            • Change the type of an unconstrained column
            • Change the length of a constrained column
            • Change the length of an unconstrained column
            • Delete a constrained column
          • Incompatibilities of DROP INDEX operations
      • Supported DDL operations in incremental migration from OceanBase Community Edition to a MySQL database and limits
      • Supported DDL operations in incremental migration between MySQL tenants of OceanBase Database
  • Data synchronization
    • Data synchronization overview
    • Create a project to synchronize data from OceanBase Database Community Edition to a Kafka instance
    • Create a project to synchronize data from OceanBase Database Community Edition to a RocketMQ instance
    • Manage data synchronization projects
      • View details of a data synchronization project
      • Change the name of a data synchronization project
      • View and modify synchronization objects
      • Use tags to manage data synchronization projects
      • Perform batch operations on data synchronization projects
      • Download and import the settings of synchronization objects
      • Start and pause a data synchronization project
      • Release and delete a data synchronization project
    • Features
      • DML filtering
      • DDL synchronization
      • Rename a topic
      • Use SQL conditions to filter data
      • Column filtering
      • Data formats
  • Create and manage data sources
    • Create data sources
      • Create an OceanBase-CE data source
      • Create a MySQL data source
      • Create a TiDB data source
      • Create a Kafka data source
      • Create a RocketMQ data source
      • Create a PostgreSQL data source
      • Create an HBase data source
    • Manage data sources
      • View data source information
      • Copy a data source
      • Edit a data source
      • Delete a data source
    • Create a database user
    • User privileges
    • Enable binlogs for the MySQL database
  • OPS & Monitoring
    • O&M overview
    • Go to the overview page
    • Server
      • View server information
      • Update the quota
      • View server logs
    • Components
      • Store
        • Create a store
        • View details of a store
        • Update the configurations of a store
        • Start and pause a store
        • Delete a store
      • Incr-Sync
        • View details of an Incr-Sync component
        • Start and pause an Incr-Sync component
        • Migrate an Incr-Sync component
        • Update the configurations of an Incr-Sync component
        • Batch O&M
        • Delete an Incr-Sync component
      • Full-Import
        • View details of a Full-Import component
        • Pause a Full-Import component
        • Rerun and resume a Full-Import component
        • Update the configurations of a Full-Import component
        • Delete a Full-Import component
      • Full-Verification
        • View details of a Full-Verification component
        • Pause a Full-Verification component
        • Rerun and resume a Full-Verification component
        • Update the configurations of a Full-Verification component
        • Delete a Full-Verification component
    • O&M Task
      • View O&M tasks
      • Skip a task or subtask
      • Retry a task or subtask
  • System management
    • Permission Management
      • Overview
      • Manage users
      • Manage departments
    • Alert center
      • View project alerts
      • View system alerts
      • Manage alert settings
    • Associate with OCP
    • System parameters
      • Modify system parameters
      • Modify HA configurations
  • OMS Community Edition O&M
    • Manage OMS services
    • OMS logs
    • Component O&M
      • O&M operations for the Supervisor component
      • CLI-based O&M for the Connector component
      • O&M operations for the Store component
    • Component tuning
      • Incr-Sync or Full-Import tuning
    • Component parameters
      • Coordinator
      • Condition
      • Source Plugin
        • Overview
        • StoreSource
        • DataFlowSource
        • LogProxySource
        • KafkaSource (TiDB)
        • HBaseSource
      • Sink Plugin
        • Overview
        • JDBC-Sink
        • KafkaSink
        • DatahubSink
        • RocketMQSink
        • HBaseSink
      • Store parameters
        • Parameters of a MySQL store
        • Parameters of an OceanBase store
      • Parameters of the CM component
      • Parameters of the Supervisor component
      • Full-Verification parameters
    • Set throttling
  • Reference Guide
    • API Reference
      • Overview
      • CreateProject
      • StartProject
      • StopProject
      • ResumeProject
      • ReleaseProject
      • DeleteProject
      • ListProjects
      • DescribeProject
      • DescribeProjectSteps
      • DescribeProjectStepMetric
      • DescribeProjectProgress
      • DescribeProjectComponents
      • ListProjectFullVerifyResult
      • StartProjectsByLabel
      • StopProjectsByLabel
      • CreateMysqlDataSource
      • CreateOceanBaseDataSource
      • ListDataSource
      • CreateLabel
      • ListAllLabels
      • ListFullVerifyInconsistenciesResult
      • ListFullVerifyCorrectionsResult
      • UpdateStore
      • UpdateFullImport
      • UpdateIncrSync
      • UpdateFullVerification
    • OMS error codes
    • Alert Reference
      • oms_host_down
      • oms_host_down_migrate_resource
      • oms_host_threshold
      • oms_migration_failed
      • oms_migration_delay
      • oms_sync_failed
      • oms_sync_status_inconsistent
      • oms_sync_delay
    • Telemetry parameters
  • Upgrade Guide
    • Overview
    • Upgrade OMS Community Edition in single-node deployment mode
    • Upgrade OMS Community Edition in multi-node deployment mode
    • FAQ
  • FAQ
    • General O&M
      • How do I modify the resource quotas of an OMS container?
      • Clear files in the Store component
      • How do I troubleshoot the OMS server down issue?
      • Deploy InfluxDB for OMS
      • Increase the disk space of the OMS host
    • Project diagnostics
      • What do I do when a store does not have data of the timestamp requested by the downstream?
      • What do I do when OceanBase Store failed to access an OceanBase cluster through RPC?
    • OPS & monitoring
      • What are the alert rules?
    • Data synchronization
      • FAQ about synchronization to a message queue
        • What are the strategies for ensuring the message order in incremental data synchronization to Kafka
    • Data migration
      • Full migration
        • How do I query the ID of a checker?
        • How do I query log files of the Checker component of OMS?
        • How do I query the verification result files of the Checker component of OMS?
        • What do I do if the destination table does not exist?
        • What can I do when the full migration failed due to LOB fields?
        • What do I do if garbled characters cannot be written into OceanBase Database V3.1.2?
      • Incremental synchronization
        • How do I skip DDL statements?
        • How do I update whitelists and blacklists?
        • What are the application scope and limits of ETL?
    • Installation and deployment
      • How do I upgrade Store?
      • How do I upgrade CDC?
      • What do I do when the "Failed to fetch" error is reported?
      • Change port numbers for components
      • Switch to the standby database

Download PDF

OMS Documentation What is OMS Community Edition? Terms OMS Community Edition HA Overview Hierarchical functional system Basic components Limitations Data migration process Data synchronization process Deployment modes System and network requirements Memory and disk requirements Prepare the environment Deploy OMS Community Edition on a single node Deploy OMS Community Edition on multiple nodes in a single region Deploy OMS Community Edition on multiple nodes in multiple regions Integrate the OIDC protocol into OMS Community Edition to implement SSO Scale out OMS Community Edition Check the deployment Deploy a time-series database (Optional) Log on to the console of OMS Community Edition Overview Configure user information Change your logon password Log off Overview Migrate data from a MySQL database to OceanBase Database Community Edition Migrate data from OceanBase Database Community Edition to a MySQL database Migrate data from HBase to OBKV Migrate data between instances of OceanBase Database Community Edition Migrate data in active-active disaster recovery scenarios Migrate data from a TiDB database to OceanBase Database Community Edition Migrate data from a PostgreSQL database to OceanBase Database Community Edition View the details of a data migration project Change the name of a data migration project View and modify migration objects Manage computing platforms Use tags to manage data migration projects Perform batch operations on data migration projects Download and import settings of migration objects Start and pause a data migration project Release and delete a data migration project DML filtering DDL synchronization Configure matching rules for migration objects Wildcard rules Rename a database table Use SQL conditions to filter data Create and update a heartbeat table Schema migration mechanisms Schema migration operations Set an incremental synchronization timestamp Supported DDL operations in incremental migration from OceanBase Community Edition to a MySQL database and limits Supported DDL operations in incremental migration between MySQL tenants of OceanBase Database Data synchronization overview Create a project to synchronize data from OceanBase Database Community Edition to a Kafka instance Create a project to synchronize data from OceanBase Database Community Edition to a RocketMQ instance View details of a data synchronization project Change the name of a data synchronization project View and modify synchronization objects Use tags to manage data synchronization projects Perform batch operations on data synchronization projects Download and import the settings of synchronization objects Start and pause a data synchronization project Release and delete a data synchronization project DML filtering DDL synchronization Rename a topic Use SQL conditions to filter data Column filtering Data formats Create an OceanBase-CE data source Create a MySQL data source Create a TiDB data source Create a Kafka data source Create a RocketMQ data source Create a PostgreSQL data source Create an HBase data source View data source information Copy a data source Edit a data source Delete a data source Create a database user User privileges Enable binlogs for the MySQL database O&M overview Go to the overview page View server information Update the quota View server logs View O&M tasks Skip a task or subtask Retry a task or subtask Overview Manage users Manage departments View project alerts View system alerts Manage alert settings
OceanBase logo

The Unified Distributed Database for the AI Era.

Follow Us
Products
OceanBase CloudOceanBase EnterpriseOceanBase Community EditionOceanBase seekdb
Resources
DocsBlogLive DemosTraining & Certification
Company
About OceanBaseTrust CenterLegalPartnerContact Us
Follow Us

© OceanBase 2026. All rights reserved

Cloud Service AgreementPrivacy PolicySecurity
Contact Us
Document Feedback
  1. Documentation Center
  3. OceanBase Migration Service
  5. V4.2.3
iconOceanBase Migration Service
V 4.2.3Community Edition
Enterprise Edition
  • V 4.3.2
  • V 4.3.1
  • V 4.3.0
  • V 4.2.5
  • V 4.2.4
  • V 4.2.3
  • V 4.0.2
  • V 3.4.0
Community Edition
  • V 4.2.12
  • V 4.2.11
  • V 4.2.10
  • V 4.2.9
  • V 4.2.8
  • V 4.2.7
  • V 4.2.6
  • V 4.2.5
  • V 4.2.4
  • V 4.2.3
  • V 4.2.1
  • V 4.2.0
  • V 4.0.0
  • V 3.3.1

Integrate the OIDC protocol into OMS Community Edition to implement SSO

Last Updated:2024-09-18 02:01:08  Updated
share
What is on this page
Obtain parameters from the authentication center
Configure a callback URL
Deploy OMS Community Edition
Prerequisites
Procedure
Template and example of a configuration file
Configuration file template
Sample configuration file

folded

share

OceanBase Migration Service (OMS) Community Edition must be integrated with the OpenID Connect (OIDC) protocol to adapt to the OAuth 2.0 authentication center. Currently, only the authorization-code mode is supported. This topic describes the configurations to be updated to integrate the OIDC protocol into OMS to implement third-party single sign-on (SSO).

Obtain parameters from the authentication center

You must add your application to the third-party SSO service to obtain parameters required by OIDC, such as the application ID and key.

Parameter Description
clientId The client ID of the third-party application.
clientSecret The client secret of the third-party application.
scope The authorization scope. The value is a list of permission IDs separated with commas (,). openid must be included in the value. Example: openid,profile.
ClientAuthenticationMethod The authentication method. Valid values: client_secret_basic (recommended) and basic.
jwk_set_uri The endpoint used to retrieve the public key of the JSON web key (JWK) for decoding the JWK.
authorization_uri The authorization endpoint.
token_uri The endpoint used to obtain a token.

Configure a callback URL

If the third-party SSO system has a logon callback URL whitelist, you must configure the whitelist.

Set the logon callback URL to http://{serverDomain}/login/oauth2/code/oms, in which serverDomain is the domain name of the server where OMS Community Edition is deployed.

Deploy OMS Community Edition

This section describes how to log on to OMS Community Edition deployed on a single node. If you want to deploy OMS on multiple nodes in a single region or on multiple nodes in multiple regions, see the "Deploy OMS with the configuration file available" section of the Deploy OMS on multiple nodes in a single region or Deploy OMS on multiple nodes in multiple regions topic.

Prerequisites

  • The installation environment meets the system and network requirements. For more information, see System and network requirements.

  • You have created a MetaDB cluster for OMS Community Edition.

  • You have obtained the installation package of OMS Community Edition, which is generally a tar.gz file whose name starts with oms.

  • You have loaded the installation package of OMS Community Edition to the local image repository of the Docker container.

    docker load -i <Installation package of OMS Community Edition>

  • You have prepared a directory for mounting the container of OMS Community Edition. In the mount directory, OMS Community Edition will create the /home/admin/logs, /home/ds/store, and /home/ds/run directories for storing the component information and logs generated during the running of OMS Community Edition.

  • (Optional) You have prepared a time-series database for storing performance monitoring data and DDL/DML statistics of OMS Community Edition.

Procedure

  1. Log on to the server where OMS Community Edition is deployed.

  2. (Optional) Deploy a time-series database.

    If you need to collect and display OMS monitoring data, deploy a time-series database. Otherwise, you can skip this step. For more information, see Deploy a time-series database.

  3. Run the following command to obtain the deployment script from the loaded image:

    sudo docker run -d --net host --name oms-config-tool <OMS_IMAGE> bash && sudo docker cp oms-config-tool:/root/docker_remote_deploy.sh . && sudo docker rm -f oms-config-tool

    Here is an example:

    sudo docker run -d --net host --name oms-config-tool work.oceanbase-dev.com/obartifact-store/oms:feature_3.4.0 bash && sudo docker cp oms-config-tool:/root/docker_remote_deploy.sh . && sudo docker rm -f oms-config-tool

  4. Use the deployment script to start the deployment tool.

    bash docker_remote_deploy.sh -o <Mount directory of the container of OMS Community Edition> -c <Address of the existing config.yaml configuration file> -i <Host IP address> -d <OMS_IMAGE>

    The deployment tool of OMS Community Edition automatically verifies the CPU, memory, and disk resources. If any resource item does not meet the requirement, the deployment tool will display a message prompting that insufficient resources will affect the data migration speed.

  5. Complete the deployment as prompted. After you set each parameter, press Enter to move on to the next parameter.

    1. Select a deployment mode.

      Select Single Node in Single Region.

    2. Select a task.

      Select Use Configuration File Uploaded with Script Option [-c].

    3. If the system displays The specified database names already exist in the MetaDB. Are you sure that you want to continue?, the database names you specified already exist in the MetaDB in the original configuration file. This may be caused by repeated deployment or upgrade of OMS Community Edition. You can enter y and press Enter to proceed, or enter n and press Enter to re-specify the settings.

    4. If the configuration file passes the check, all the settings are displayed. If the settings are correct, enter y and press Enter to proceed. Otherwise, enter n and press Enter to modify the settings.

      If the configuration file fails the check, modify the configuration information as prompted.

    5. Specify the directory to which the container of OMS Community Edition is mounted in the host.

      Specify a directory with a large capacity.

    6. Confirm whether the image file of OMS Community Edition can be named as OMS_IMAGE.

      If yes, enter y and press Enter to proceed. Otherwise, enter n and press Enter to modify the settings.

    7. Determine whether to mount an SSL certificate to the container of OMS Community Edition.

      If yes, enter y, press Enter, and specify the https_key and https_crt directories as prompted. Otherwise, enter n and press Enter.

    8. Start the deployment.

If you want to modify the configurations after the deployment, log on to the container of OMS Community Edition and perform the following steps:

  1. Modify the config.yaml file based on business needs.

  2. Run the python -m omsflow.scripts.units.oms_init_manager --init-config-file command.

  3. Run the supervisorctl restart oms_console oms_drc_supervisor command.

Template and example of a configuration file

Configuration file template

Notice

  • You must replace the sample values of required parameters based on your actual deployment environment. Both the required and optional parameters are described in the following table. You can specify the optional parameters as needed.

  • In the config.yaml file, you must specify the parameters in the key: value format, with a space after the colon (:).

# Information about the MetaDB for OMS Community Edition
oms_meta_host: ${oms_meta_host}
oms_meta_port: ${oms_meta_port}
oms_meta_user: ${oms_meta_user}
oms_meta_password: ${oms_meta_password}
     
# You can define the names of the following three databases, which are created in the MetaDB during the deployment of OMS Community Edition.
drc_rm_db: ${drc_rm_db}
drc_cm_db: ${drc_cm_db}
drc_cm_heartbeat_db: ${drc_cm_heartbeat_db}
     
# Cluster configuration information of OMS Community Edition
# In single-node deployment mode, the URL of the CM service is generally set to the IP address of the server where OMS Community Edition is deployed. An internal IP address is recommended.
cm_url: ${cm_url}
cm_location: ${cm_location}
# The cm_region parameter is not required in single-node deployment mode.
# cm_region: ${cm_region}
# The cm_region_cn parameter is not required in single-node deployment mode.
# cm_region_cn: ${cm_region_cn}
cm_is_default: true
cm_nodes:
 - ${cm_nodes}
     
# Configurations of the time-series database
# The default value of `tsdb_enabled`, which specifies whether to configure a time-series database, is `false`. To enable metric reporting, set the parameter to `true`.
# tsdb_enabled: false 
# If the `tsdb_enabled` parameter is set to `true`, delete comments for the following parameters and specify the values based on your actual configurations.
# tsdb_service: 'INFLUXDB'
# tsdb_url: '${tsdb_url}'
# tsdb_username: ${tsdb_user}
# tsdb_password: ${tsdb_password}

# The following parameters need to be added when you log on to OMS Community Edition by using SSO.
oms_iam_auth: OAUTH2   
oms_oauth2_user_account_name_field: nickname
oms_oauth2_sso_login_url: http://oms.example.org:8090/omsp/oauth2/authorization/oms?oms_back_url=http://oms.example.org:8089
spring_security_oauth2_client_registration_oms_client_id: xxx
spring_security_oauth2_client_registration_oms_client_secret: xxx
spring_security_oauth2_client_registration_oms_redirect_uri: http://oms.example.org:8090/omsp/login/oauth2/code/{registrationId}
spring_security_oauth2_client_registration_oms_authorization_grant_type: authorization_code
spring_security_oauth2_client_registration_oms_scope: openid,profile
spring_security_oauth2_client_registration_oms_clientAuthenticationMethod: client_secret_basic
spring_security_oauth2_client_registration_oms_provider: oms
spring_security_oauth2_client_provider_jwk_set_uri: https:xxx.com
spring_security_oauth2_client_provider_authorization_uri: https://xxxx/api/auth
spring_security_oauth2_client_provider_token_uri: https://xxx/api/token
Parameter Description Required?
oms_meta_host The IP address of the MetaDB, which can be the IP address of a MySQL database or a MySQL tenant of OceanBase Database.
Notice:
This parameter is valid only in OceanBase Database V2.0 and later.		 Yes
oms_meta_port The port number of the MetaDB. Yes
oms_meta_user The username of the MetaDB. Yes
oms_meta_password The user password of the MetaDB. Yes
drc_rm_db The name of the database for the OMS console. Yes
drc_cm_db The name of the MetaDB for the CM service. Yes
drc_cm_heartbeat_db The name of the heartbeat database for the CM service. Yes
cm_url The URL of the CM service of OMS Community Edition, Example: http://xxx.xxx.xxx.xxx:8088.
Note
In single-node deployment mode, the URL of the CM service is generally set to the IP address of the server where OMS Community Edition is deployed. We recommend that you do not set it to http://127.0.0.1:8088.
The access URL of the OMS console is in the format of IP address of the host on which OMS is deployed:8089. Example: http(https)://xxx.xxx.xxx.xxx:8089.
Port 8088 is used for program calls, and Port 8089 is used for web page access. You must specify port 8088.		 Yes
cm_location The code of the region. Value range: [0,127]. You can select one number for each region. Yes
cm_region The name of the region, such as cn-jiangsu.
Notice:
If you use OMS with the Alibaba Cloud Multi-Site High Availability (MSHA) service in an active-active disaster recovery scenario, use the region configured for the Alibaba Cloud service.		 No
cm_region_cn It is the same as cm_region, for example, cn-hangzhou. No
cm_nodes The server IP address list for the CM service of OMS Community Edition. Yes
cm_is_default Specifies whether the CM service is enabled for OMS Community Edition by default. No. Default value: true.
tsdb_enabled Indicates whether metric reporting is enabled for monitoring. Valid values: true and false. No. Default value: false.
tsdb_service The type of the time-series database. Valid values: INFLUXDB and CERESDB. No. Default value: CERESDB.
tsdb_url The IP address of the server where InfluxDB is deployed. You need to modify this parameter based on the actual environment if you set the tsdb_enabled parameter to true. No
tsdb_username The username used to connect to the time-series database. You need to modify this parameter based on the actual environment if you set the tsdb_enabled parameter to true. After you deploy the time-series database, manually create a user and specify the username and password. No
tsdb_password The password used to connect to the time-series database. You need to modify this parameter based on the actual environment if you set the tsdb_enabled parameter to true. No
oms_iam_auth The logon method. Valid values: OAUTH2 and LOCAL. OAUTH2 is compatible with the password-based logon method. Yes
oms_oauth2_user_account_name_field The field used to obtain the username from IdToken. Example: nick or nickname. Yes
oms_oauth2_sso_login_url http://{cm_url}/omsp/oauth2/authorization/oms?oms_back_url={serverDomain}. {serverDomain} is the domain name and oms_back_url is the page of OMS Community Edition displayed after the logon succeeds. Yes
spring_security_oauth2_client_registration_oms_client_id The client ID of the third-party application. Yes
spring_security_oauth2_client_registration_oms_client_secret The client secret of the third-party application. Yes
spring_security_oauth2_client_registration_oms_redirect_uri The callback URL in the http://{serverDomain}/login/oauth2/code/{registrationId} format, which is specified by redirectUrl.
{serverDomain} is the domain name and {registrationId} does not need to be entered.		 Yes
spring_security_oauth2_client_registration_oms_authorization_grant_type Currently, only the authorization-code mode is supported. Yes
spring_security_oauth2_client_registration_oms_scope The authorization scope. The value is a list of permission IDs separated with commas (,). openid must be included in the value. Yes
spring_security_oauth2_client_registration_oms_provider You can define the value. Example: oidc. Yes
spring_security_oauth2_client_provider_jwk_set_uri The endpoint used to retrieve the public key of the JSON web key (JWK) for decoding the JWK. Yes
spring_security_oauth2_client_provider_authorization_uri The authorization endpoint. Yes
spring_security_oauth2_client_provider_token_uri The endpoint used to obtain a token. Yes

Sample configuration file

Replace related parameters with the actual values in the target deployment environment.

oms_meta_host: xxx.xxx.xxx.xxx
oms_meta_port: 2883
oms_meta_user: oms_meta_user
oms_meta_password: ***********
drc_rm_db: oms_rm
drc_cm_db: oms_cm
drc_cm_heartbeat_db: oms_cm_heartbeat
cm_url: http://xxx.xxx.xxx.xxx:8088
cm_location: 100
cm_region: cn-anhui
cm_region_cn: cn-anhui
cm_is_default: true
cm_nodes:
  - xxx.xxx.xxx.xxx
tsdb_service: 'INFLUXDB'
tsdb_enabled: true
tsdb_url: 'xxx.xxx.xxx.xxx:8086'
tsdb_username: username
tsdb_password: *************
oms_iam_auth: OAUTH2   
oms_oauth2_user_account_name_field: nickname
oms_oauth2_sso_login_url: http://oms.example/org:8090/omsp/oauth2/authorization/oms?oms_back_url=http://oms.example.org:8090
spring_security_oauth2_client_registration_oms_client_id: xxx
spring_security_oauth2_client_registration_oms_client_secret: xxx
spring_security_oauth2_client_registration_oms_redirect_uri: http://oms.example.org:8090/omsp/login/oauth2/code/{registrationId}
spring_security_oauth2_client_registration_oms_authorization_grant_type: authorization_code
spring_security_oauth2_client_registration_oms_scope: openid,profile
spring_security_oauth2_client_registration_oms_clientAuthenticationMethod: client_secret_basic
spring_security_oauth2_client_registration_oms_provider: oms
spring_security_oauth2_client_provider_jwk_set_uri: https:xxx.com
spring_security_oauth2_client_provider_authorization_uri: https://xxxx/api/auth
spring_security_oauth2_client_provider_token_uri: https://xxx/api/token

Previous topic

Deploy OMS Community Edition on multiple nodes in multiple regions
Last

Next topic

Scale out OMS Community Edition
Next
What is on this page
Obtain parameters from the authentication center
Configure a callback URL
Deploy OMS Community Edition
Prerequisites
Procedure
Template and example of a configuration file
Configuration file template
Sample configuration file